From: Reiner Steib
Newsgroups: gmane.emacs.devel
Subject: Re: doc-view and mailcap
Date: Wed, 17 Oct 2007 19:59:41 +0200
To: Richard Stallman
Cc: Tassilo Horn, emacs-devel@gnu.org

On Wed, Oct 17 2007, Richard Stallman wrote:

> I didn't have time to try doc-view yet [...], so I don't know if
> doc-view makes sense for attachments.
>
> Would you please report back when you are able to try it?

I had a quick look at `doc-view.el'.

There's a security issue when using `doc-view' in mailcap.  mailcap
attempts to use a safe viewer with the safest options[1], e.g. it
calls gv, gs and xdvi with the "-safer" option [2].  AFAICS,
`doc-view' doesn't use such options.
At least "-dSAFER" should be added in `doc-view-ghostscript-options'
and `doc-view-ps2pdf-program' (or a new variable
`doc-view-ps2pdf-options'?) when used with mailcap (or even always?).

I don't know if similar security options are available for dvipdfm and
pdftotext.

Bye, Reiner.

[1]
,----[ (info "(emacs-mime)Display Customization") ]
| `mm-enable-external'
|      Indicate whether external MIME handlers should be used.
|
|      If `t', all defined external MIME handlers are used.  If `nil',
|      files are saved to disk (`mailcap-save-binary-file').  If it is
|      the symbol `ask', you are prompted before the external MIME
|      handler is invoked.
|
|      When you launch an attachment through mailcap (*note mailcap::) an
|      attempt is made to use a safe viewer with the safest options--this
|      isn't the case if you save it to disk and launch it in a different
|      way (command line or double-clicking).  Anyhow, if you want to be
|      sure not to launch any external programs, set this variable to
|      `nil' or `ask'.
`----

[2]
,----[ M-x occur RET safer RET ]
| 4 matches for "safer" in buffer: mailcap.el
|      94:      (viewer . "xdvi -safer %s")
|     140:      (viewer . "gv -safer %s")
|     160:      (viewer . "gv -safer %s")
|     166:      (viewer . "ghostview -dSAFER %s")
`----

,----[ gv(1) ]
| -safer, -nosafer
|
|      Whether to start ghostscript with the -dSAFER option.
`----

,----[ gs(1) ]
| -dSAFER
|      Disables the "deletefile" and "renamefile" operators
|      and the ability to open files in any mode other than
|      read-only.  This strongly recommended for spoolers,
|      conversion scripts or other sensitive environments
|      where a badly written or malicious PostScript program
|      code must be prevented from changing important files.
`----

,----[ xdvi(1) ]
| -safer
|      (.safer) This option turns on all available security
|      options; it is designed for use when xdvi is called by
|      a browser that obtains a dvi or TeX file from another
|      site.  This option selects +nogssafer and +allowshell.
`----

-- 
       ,,,
      (o o)
---ooO-(_)-Ooo---  |  PGP key available  |  http://rsteib.home.pages.de/
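
The check described in the message above, as an added example that is not part of the original post or of Emacs itself: it walks viewer entries shaped like those in mailcap.el and reports external commands that lack the safe-mode flag quoted from the man pages, and it tests whether `doc-view-ghostscript-options' carries "-dSAFER".  The `my/' names, the flag table and the sample data are assumptions constructed for illustration; the data shape (major type, then minor type plus an alist with a `viewer' key) is assumed from the `(viewer . "...")' lines in [2].

```elisp
;; Added example.  All `my/' names are hypothetical helpers.

(defvar my/safe-flag-table
  ;; Program -> flag, taken from the occur output and man pages quoted above.
  '(("gs" . "-dSAFER")
    ("ghostview" . "-dSAFER")
    ("gv" . "-safer")
    ("xdvi" . "-safer"))
  "Alist mapping a viewer program to the safe-mode flag it should receive.")

(defun my/viewer-missing-safe-flag (command)
  "Return the safe-mode flag COMMAND lacks, or nil if nothing is missing.
COMMAND is a mailcap viewer string such as \"xdvi -safer %s\"."
  (let ((words (split-string command "[ \t]+" t)))
    (when words
      (let ((flag (cdr (assoc (file-name-nondirectory (car words))
                              my/safe-flag-table))))
        (and flag (not (member flag (cdr words))) flag)))))

(defun my/audit-mailcap-data (data)
  "Return a list of (MAJOR MINOR COMMAND MISSING-FLAG) for entries in DATA.
Symbol viewers (Lisp functions such as `doc-view-mode') are skipped here:
they run inside Emacs, so their safety depends on their own option
variables, which is the gap the message points out."
  (let (findings)
    (dolist (major data (nreverse findings))
      (dolist (minor (cdr major))
        (let ((viewer (cdr (assq 'viewer (cdr minor)))))
          (when (stringp viewer)
            (let ((missing (my/viewer-missing-safe-flag viewer)))
              (when missing
                (push (list (car major) (car minor) viewer missing)
                      findings)))))))))

(defun my/doc-view-gs-safer-p ()
  "Return t if `doc-view-ghostscript-options' is bound and has \"-dSAFER\"."
  (and (boundp 'doc-view-ghostscript-options)
       (member "-dSAFER" doc-view-ghostscript-options)
       t))

;; Constructed sample data, not copied from mailcap.el.
(defvar my/sample-mime-data
  '(("application"
     ("postscript" (viewer . "gv -safer %s") (type . "application/postscript"))
     ("x-dvi" (viewer . "xdvi %s") (type . "application/x-dvi"))
     ("pdf" (viewer . doc-view-mode) (type . "application/pdf")))))

(my/audit-mailcap-data my/sample-mime-data)
```

Evaluating the last form flags only the constructed "xdvi %s" entry; call `my/doc-view-gs-safer-p' after loading doc-view to see whether the Ghostscript options in use include the flag.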